FIX: staff cannot manually activate accounts after 48 hours has elapsed

https://meta.discourse.org/t/staff-cannot-manually-activate-invited-accounts-after-48-hours-has-elapsed/66292/14?u=techapj
2017-07-31 22:24:09 +05:30 · 2017-07-31 22:24:09 +05:30 · 0b01d0e95d
parent 83011045c8
commit 0b01d0e95d
2 changed files with 15 additions and 0 deletions
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@ -211,6 +211,8 @@ class Admin::UsersController < Admin::AdminController

  def activate
    guardian.ensure_can_activate!(@user)
+    # ensure there is an active email token
+    @user.email_tokens.create(email: @user.email) unless @user.email_tokens.active.exists?
    @user.activate
    StaffActionLogger.new(current_user).log_user_activate(@user, I18n.t('user.activated_by_staff'))
    render json: success_json
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@ -416,6 +416,19 @@ describe Admin::UsersController do
        json = ::JSON.parse(response.body)
        expect(json['success']).to eq("OK")
      end
+
+      it "should confirm email even when the tokens are expired" do
+        @reg_user.email_tokens.update_all(confirmed: false, expired: true)
+
+        @reg_user.reload
+        expect(@reg_user.email_confirmed?).to eq(false)
+
+        xhr :put, :activate, user_id: @reg_user.id
+        expect(response).to be_success
+
+        @reg_user.reload
+        expect(@reg_user.email_confirmed?).to eq(true)
+      end
    end

    context 'log_out' do